From 3d1478bf98d2ecfe5dd4bf8700c824cd7deff575 Mon Sep 17 00:00:00 2001
From: Wenqi Mou <wenqimou@gmail.com>
Date: Thu, 15 Aug 2024 15:29:20 -0400
Subject: [PATCH] another try

---
 proto/brpb.proto   | 16 +++++++++-------
 scripts/proto.lock | 18 +++++++++++++-----
 2 files changed, 22 insertions(+), 12 deletions(-)

diff --git a/proto/brpb.proto b/proto/brpb.proto
index 7f593fe2a..15e9e326f 100644
--- a/proto/brpb.proto
+++ b/proto/brpb.proto
@@ -673,7 +673,7 @@ message DataFileGroup {
 }
 
 message DataFileInfo {
-    // SHA256 of the file.
+    // Logical checksum of all the kv pairs in the file.
     bytes sha256 = 1;
     // Path of the file.
     string path = 2;
@@ -717,8 +717,8 @@ message DataFileInfo {
     // The compression type for the file.
     CompressionType compression_type = 18;
 
-    // It may support encrypting at future.
-    reserved "iv";
+    // Encryption information of this data file, not set if plaintext.
+    FileEncryptionInfo file_encryption_info = 19;
 }
 
 message StreamBackupError {
@@ -735,17 +735,19 @@ message StreamBackupError {
 enum BackupEncryptionMode {
     // only file iv will be set if using this mode, data key will be passed back from user during restore.
     PLAINTEXT_DATA_KEY = 0;
-    // all fields in footer needs to be populated.
+    // all fields in EncryptedFileInfo needs to be populated if master key based
     MASTER_KEY_BASED = 1;
 }
 
-message EncryptedFileFooter {
+message FileEncryptionInfo {
     // whether it's encrypted by plaintext data key or master key based data key
     BackupEncryptionMode mode = 1;
     // encrypted data key with metadata
-    encryptionpb.EncryptedContent data_key_encrypted_content = 2;
+    repeated encryptionpb.EncryptedContent data_key_encrypted_content = 2;
     // iv to encrypt the file by data key
     bytes file_iv = 3;
+    // file encryption method
+    encryptionpb.EncryptionMethod encryption_method = 4;
     // file checksum, optional if using GCM
-    bytes checksum_sha256 = 4;
+    bytes checksum_sha256 = 5;
 }
diff --git a/scripts/proto.lock b/scripts/proto.lock
index 8c2cd6f38..eb36a83a7 100644
--- a/scripts/proto.lock
+++ b/scripts/proto.lock
@@ -1634,10 +1634,12 @@
                 "id": 18,
                 "name": "compression_type",
                 "type": "CompressionType"
+              },
+              {
+                "id": 19,
+                "name": "file_encryption_info",
+                "type": "FileEncryptionInfo"
               }
-            ],
-            "reserved_names": [
-              "iv"
             ]
           },
           {
@@ -1666,7 +1668,7 @@
             ]
           },
           {
-            "name": "EncryptedFileFooter",
+            "name": "FileEncryptionInfo",
             "fields": [
               {
                 "id": 1,
@@ -1676,7 +1678,8 @@
               {
                 "id": 2,
                 "name": "data_key_encrypted_content",
-                "type": "encryptionpb.EncryptedContent"
+                "type": "encryptionpb.EncryptedContent",
+                "is_repeated": true
               },
               {
                 "id": 3,
@@ -1685,6 +1688,11 @@
               },
               {
                 "id": 4,
+                "name": "encryption_method",
+                "type": "encryptionpb.EncryptionMethod"
+              },
+              {
+                "id": 5,
                 "name": "checksum_sha256",
                 "type": "bytes"
               }